If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)

Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Health and safety issues of iris scanning and password loss

Impetus · 2017-04-28 21:19:17

I bought a new Samsung Galaxy S8 in Paris the other day (France seems to be the only country in Europe where the product is widely available). It has a number of options for access control - fingerprint, PIN, iris scanning, pattern zig zag. A nice phone - feels smaller than the Note range, but has a larger screen. I…

28-04-2017 10:19pm

#1

Impetus

Registered Users, Registered Users 2 Posts: 1,667 ✭✭✭

Join Date: September 2013

Posts: 1346

I bought a new Samsung Galaxy S8 in Paris the other day (France seems to be the only country in Europe where the product is widely available).

It has a number of options for access control - fingerprint, PIN, iris scanning, pattern zig zag. A nice phone - feels smaller than the Note range, but has a larger screen.

I selected iris scanning, and was brought to a warning page about the possible risk of LED light and one's eyes from Samsung.

So I declined and opted for other, less secure options. I don't keep any data worth stealing on my phone and use protonmail.com for email - which has its own serious security, which is ideal when sending copies of ID or credit cards to suppliers who assume everybody is a thief. The only reason I use security is to prevent a phone thief from running up a big phone bill on my account.

(While you can send encrypted emails to people who have junk email accounts from protonmail, - eg google, yahoo, etc, any attachments are not encrypted unless the other party has protonmail too).

(A friend of mine emailed me today, to say he had lost his protonmail password. The only response I could give is there is nothing you can do other than a password reset (he didn't register an alternative email address for password restoration during the set-up). This locks you out of your old email account and gives you a new one with the same email address - and no sent or received legacy messages etc. There is nothing the people at Proton can do either because the email account is encrypted using the password as part of the algo. And they have no access to that. I advised him that if he remembers the password at some future point, he can get back in to his old account. In the meantime, work with a new account using the same name, using a re-set.

This guy is too intelligent to fall into the trap of a 'this is Google' phone call or text message. But zillions of people are not.

https://youtu.be/_dj_90TnVbo

Google & co have all these password re-set crap options - eg sms or email to another address. These dumb password re-set options can be breached.

Aside from the fact that while mobile phone voice calls are encrypted (to a varying extent between your phone and the cellsite, textos to and from your phone are sent in cleartext over the air interface).

See video above for more.

0